Will we ever see an end to ransomware attacks?

Anonymous Author
You have to assume it's going to happen. The news on Colonial Pipeline is too fresh to be able to say anything about their response actions. It’s all speculation as to whether or not the malware really propagated through the environment and got to the devices that manage the flow of the gasoline, or whether or not they pulled the plug on it all. We don't know if their cure was worse than the disease.
1 upvotes
Anonymous Author
I think ransomware attacks happen more than we hear about. One of my friends is a CFO of a building company and they got hit by a phishing attack. An IT administrator fell for it and the attackers got access to the machines. What’s interesting about how it spread is that they use Office 365 for email collaboration and none of the cloud services were compromised. It was their construction accounting software that was running on older Windows servers. Those machines got destroyed and encrypted. They hired a crisis response company to come in and kind of negotiate with the hackers, but it was like negotiating to buy a car. And they paid to get the encryption keys back. I feel like that could have happened to any company with any software/equipment combination. I don't know if Office 365 was just that resilient, if they were lucky, or the legacy construction accounting software was just low-hanging fruit.
2 upvotes
Anonymous Author
Some devices, whether they're supervisory control and data acquisition (SCADA) devices, or programmable logic controllers (PLC)—even a quarter-sized Arduino microcontroller—can be penetrated so easily. What I wonder about the pipeline is, along such a long stretch of equipment, who could have stuck a third-party, homemade set of boards together and used the pipe itself for transportation back into the network? Resource companies have been testing how serious a problem this is because there was a mining operation recently that used all-digital machines made by a huge equipment manufacturer. They had a close call where people were almost killed because the operator could not stop the vehicle. A crew was working in its path and it had no way to steer or brake. It was just by luck that nobody was killed, but more of these incidents are coming. In situations where you have that many devices, it's not a bad idea to look to the IIoT for some of the things happening recently and the fixes that have been emerging, even those as simple as building a device with no plug, à la Apple. We tend to overlook the simple fixes because we're so involved in the technology.
2 upvotes
Anonymous Author
As long as people / companies continue to pay the ransom, the attacks will continue.
0 upvotes
Anonymous Author
I don’t think ransomware attacks are going anywhere. With more and more tech adaptions the attack surface is ever expanding. Today your data is encrypted, tomorrow your digital wallet or your IoT landscape may be the hostage. Tactics may change but the war will continue.
3 upvotes